The present invention relates generally to a system and method for multi-session establishment for a single device.
Network security has become a business critical issue. As a result, there is a need for different applications and systems to authenticate to one another. These authentications occur in an isolated context and result in the establishment of multiple, secure, authenticated sessions.
For example, in the wireless context, an access point may run several different applications or subsystems. As a result, there is a need for the access point to authenticate several times. When multiplied across a network comprising hundreds of access points, this can significantly load the AAA (Authentication, Authorization and Accounting) servers.
Existing single sign-on systems tend to be an optimization on the user side, eliminating the need for the user to continuously log into different applications by hiding subsequent authentications from the user. Typically, the user performs a single login to “unlock” access to secure credentials. These credentials are then used by the single sign-on system to authenticate the user to other applications as required. For example, Kerberos, available from the Massachusetts Institute of Technology, and many other commercial products authenticate a user to a ticketing server. The user requests tickets for each application the user would like to use. When the user starts an application, the single sign-on system uses the tickets to establish a secure session with that application. The user's device submits the ticket to the authenticator for the application; the authenticator then validates the ticket with the ticketing server. Thus, the device is still performing multiple authentications, even though the authentications to individual applications are hidden from the user by the single sign-on system.
U.S. application Ser. No. 11/098,253 describes a method wherein a single device with multiple subsystems, each subsystem requiring authentication to a different authenticator, may authenticate all such subsystems in a single transaction. The device aggregates the multiple authentication requests and submits them through the primary authenticator to the authentication server. The authentication server validates the individual subsystems and sends the resultant keys to each authenticator.
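The following is an added illustration of the aggregated-transaction idea described above; it is a constructed toy model written for this page, not code from the referenced application or from any product. The subsystem names, authenticator names, shared secrets and the HMAC-based proof and key derivation are all assumptions made for the example. It shows the device bundling one credential proof per subsystem into a single request, the authentication server validating each proof independently, and the server deriving a distinct session key for each subsystem grouped by the authenticator that will consume it, so that one server round trip serves every subsystem on the device.

```python
import hmac
import hashlib
import os

# Constructed sample data: three subsystems on one access point, each of
# which must authenticate to a different authenticator. The names and
# shared secrets are placeholders chosen for this example.
SUBSYSTEMS = {
    "radio-802.11":  {"authenticator": "wlan-controller", "secret": b"secret-radio"},
    "mgmt-agent":    {"authenticator": "nms-gateway",     "secret": b"secret-mgmt"},
    "mesh-backhaul": {"authenticator": "mesh-root",       "secret": b"secret-mesh"},
}

# The authentication server's copy of the credentials (a directory or
# database in a real deployment; a dict here).
AAA_CREDENTIALS = {name: s["secret"] for name, s in SUBSYSTEMS.items()}


def _mac(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts, so concatenated fields
    cannot be re-split into a different message."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big"))
        h.update(p)
    return h.digest()


def build_aggregated_request(nonce: bytes, subsystems: dict) -> list:
    """Device side: compute one proof of possession per subsystem and
    bundle them into a single request for the primary authenticator."""
    request = []
    for name, info in subsystems.items():
        proof = _mac(info["secret"], b"auth", nonce, name.encode())
        request.append({"subsystem": name,
                        "authenticator": info["authenticator"],
                        "proof": proof})
    return request


def aaa_validate(nonce: bytes, request: list, credentials: dict) -> dict:
    """Authentication server side: check each proof on its own, derive a
    per-subsystem session key for the ones that verify, and group the keys
    by the authenticator that needs them. A bad or unknown subsystem is
    rejected individually rather than failing the whole bundle (a design
    choice for this example, not something the text specifies)."""
    keys_by_authenticator = {}
    rejected = []
    for entry in request:
        name = entry["subsystem"]
        secret = credentials.get(name)
        if secret is None:
            rejected.append(name)
            continue
        expected = _mac(secret, b"auth", nonce, name.encode())
        # Constant-time comparison of the submitted proof.
        if not hmac.compare_digest(expected, entry["proof"]):
            rejected.append(name)
            continue
        # Separate label keeps the session key distinct from the proof.
        session_key = _mac(secret, b"session", nonce, name.encode())
        keys_by_authenticator.setdefault(entry["authenticator"], {})[name] = session_key
    return {"keys": keys_by_authenticator, "rejected": rejected}


def run_transaction(subsystems=SUBSYSTEMS, credentials=AAA_CREDENTIALS) -> dict:
    """Drive one aggregated transaction end to end: device builds the bundle,
    the primary authenticator forwards it unchanged, the server validates.
    The result records that a single server round trip covered every subsystem."""
    nonce = os.urandom(16)          # fresh per transaction; prevents replay of proofs
    request = build_aggregated_request(nonce, subsystems)
    result = aaa_validate(nonce, request, credentials)
    result["aaa_round_trips"] = 1
    result["subsystems_requested"] = len(request)
    return result


if __name__ == "__main__":
    outcome = run_transaction()
    for authenticator, keys in outcome["keys"].items():
        print(authenticator, "<-", ", ".join(keys))
    print("rejected:", outcome["rejected"],
          "| AAA round trips:", outcome["aaa_round_trips"])
```

Each authenticator receives only the keys for the subsystems it serves, which mirrors the sentence above about the server sending the resultant keys to each authenticator; the per-transaction nonce is what stops a captured bundle from being resubmitted later.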
However, a shortcoming of the aforementioned method is that it assumes that the infrastructure has only a single authentication server. Many networks have a server farm of AAA (Authentication, Authorization and Accounting) servers. In other, more complex cases, there could be disjoint or “shattered” AAA servers with different information stored on different AAA server farms. Furthermore, complex networks may employ authorization or policy servers which contain knowledge about what is permissible for a given client or entity. The authorization servers may be separate from the authentication server. Even in the case where a single authentication server is used to authenticate the client only once, the authentication server must still verify that the device is authorized to be served by each of the subsystems.